• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Multiple Vendor Telnetd Buffer Overflow Vulnerability

Solution:
Vendor-supplied patches and updates that rectify this issue are available.

Cisco has released fixes for vulnerable versions of CatOS running on Catalyst devices.

Gentoo has released updated packages to address this issue. Please see the referenced Gentoo advisory (GLSA 200410-03) for more information. Gentoo users may carry out the following commands to update their computers:

emerge sync
emerge -pv ">=net-misc/netkit-telnetd-0.17-r4"
emerge ">=net-misc/netkit-telnetd-0.17-r4"

Additional upgrades are available.


IBM AIX 5.1

• IBM IY22021
  

MIT Kerberos 5 1.1.1

• RedHat 6.2 alpha krb5-configs-1.1.1-28.alpha.rpm
  ftp://updates.redhat.com/6.2/en/os/alpha/krb5-configs-1.1.1-28.alpha.r pm


• RedHat 6.2 alpha krb5-devel-1.1.1-28.alpha.rpm
  ftp://updates.redhat.com/6.2/en/os/alpha/krb5-devel-1.1.1-28.alpha.rpm


• RedHat 6.2 alpha krb5-libs-1.1.1-28.alpha.rpm
  ftp://updates.redhat.com/6.2/en/os/alpha/krb5-libs-1.1.1-28.alpha.rpm


• RedHat 6.2 alpha krb5-server-1.1.1-28.alpha.rpm
  ftp://updates.redhat.com/6.2/en/os/alpha/krb5-server-1.1.1-28.alpha.rp m


• RedHat 6.2 alpha krb5-workstation-1.1.1-28.alpha.rpm
  ftp://updates.redhat.com/6.2/en/os/alpha/krb5-workstation-1.1.1-28.alp ha.rpm


• RedHat 6.2 i386 krb5-configs-1.1.1-28.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/krb5-configs-1.1.1-28.i386.rpm


• RedHat 6.2 i386 krb5-devel-1.1.1-28.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/krb5-devel-1.1.1-28.i386.rpm


• RedHat 6.2 i386 krb5-libs-1.1.1-28.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/krb5-libs-1.1.1-28.i386.rpm


• RedHat 6.2 i386 krb5-server-1.1.1-28.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/krb5-server-1.1.1-28.i386.rpm


• RedHat 6.2 i386 krb5-workstation-1.1.1-28.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/krb5-workstation-1.1.1-28.i386 .rpm


• RedHat 6.2 sparc krb5-configs-1.1.1-28.sparc.rpm
  ftp://updates.redhat.com/6.2/en/os/sparc/krb5-configs-1.1.1-28.sparc.r pm


• RedHat 6.2 sparc krb5-devel-1.1.1-28.sparc.rpm
  ftp://updates.redhat.com/6.2/en/os/sparc/krb5-devel-1.1.1-28.sparc.rpm


• RedHat 6.2 sparc krb5-libs-1.1.1-28.sparc.rpm
  ftp://updates.redhat.com/6.2/en/os/sparc/krb5-libs-1.1.1-28.sparc.rpm


• RedHat 6.2 sparc krb5-server-1.1.1-28.sparc.rpm
  ftp://updates.redhat.com/6.2/en/os/sparc/krb5-server-1.1.1-28.sparc.rp m


• RedHat 6.2 sparc krb5-workstation-1.1.1-28.sparc.rpm
  ftp://updates.redhat.com/6.2/en/os/sparc/krb5-workstation-1.1.1-28.spa rc.rpm


• RedHat 7.0 alpha krb5-devel-1.2.2-12.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/krb5-devel-1.2.2-12.alpha.rpm


• RedHat 7.0 alpha krb5-libs-1.2.2-12.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/krb5-libs-1.2.2-12.alpha.rpm


• RedHat 7.0 alpha krb5-server-1.2.2-12.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/krb5-server-1.2.2-12.alpha.rp m


• RedHat 7.0 alpha krb5-workstation-1.2.2-12.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/krb5-workstation-1.2.2-12.alp ha.rpm


• RedHat 7.0 i386 krb5-devel-1.2.2-12.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/krb5-devel-1.2.2-12.i386.rpm


• RedHat 7.0 i386 krb5-libs-1.2.2-12.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/krb5-libs-1.2.2-12.i386.rpm


• RedHat 7.0 i386 krb5-server-1.2.2-12.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/krb5-server-1.2.2-12.i386.rpm


• RedHat 7.0 i386 krb5-workstation-1.2.2-12.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/krb5-workstation-1.2.2-12.i386 .rpm


• RedHat 7.1 alpha krb5-devel-1.2.2-12.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/krb5-devel-1.2.2-12.alpha.rpm


• RedHat 7.1 alpha krb5-libs-1.2.2-12.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/krb5-libs-1.2.2-12.alpha.rpm


• RedHat 7.1 alpha krb5-server-1.2.2-12.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/krb5-server-1.2.2-12.alpha.rp m


• RedHat 7.1 alpha krb5-workstation-1.2.2-12.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/krb5-workstation-1.2.2-12.alp ha.rpm


• RedHat 7.1 i386 krb5-devel-1.2.2-12.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/krb5-devel-1.2.2-12.i386.rpm


• RedHat 7.1 i386 krb5-libs-1.2.2-12.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/krb5-libs-1.2.2-12.i386.rpm


• RedHat 7.1 i386 krb5-server-1.2.2-12.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/krb5-server-1.2.2-12.i386.rpm


• RedHat 7.1 i386 krb5-workstation-1.2.2-12.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/krb5-workstation-1.2.2-12.i386 .rpm


• RedHat 7.1 ia64 krb5-devel-1.2.2-12.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/krb5-devel-1.2.2-12.ia64.rpm


• RedHat 7.1 ia64 krb5-libs-1.2.2-12.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/krb5-libs-1.2.2-12.ia64.rpm


• RedHat 7.1 ia64 krb5-server-1.2.2-12.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/krb5-server-1.2.2-12.ia64.rpm


• RedHat 7.1 ia64 krb5-workstation-1.2.2-12.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/krb5-workstation-1.2.2-12.ia64 .rpm

HP HP-UX 10.20

• HP PHNE_24821
  http://itrc.hp.com

HP HP-UX 10.24

• HP PHNE_25217
  http://itrc.hp.com

Cisco VPN 3000 Concentrator 3.0

• Cisco VPN 3000 Concentrator 3.0.4
  http://www.cisco.com/tac

Cisco VPN 3000 Concentrator 3.0.3 (B)

• Cisco VPN 3000 Concentrator 3.0.4
  http://www.cisco.com/tac

Cisco VPN 3000 Concentrator 3.0.3 (A)

• Cisco VPN 3000 Concentrator 3.0.4
  http://www.cisco.com/tac

BSDI BSD/OS 4.2

• BSDi 4.2 M420-014
  http://www.bsdi.com/services/support/patches/patches-4.2/i386/M420-014

FreeBSD FreeBSD 4.3 -RELEASE

• FreeBSD SA-01:49 telnetd-crypto.patch
  ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:49/telnetd-crypto .patch


• FreeBSD SA-01:49 telnetd.patch
  ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-01:49/telnetd.patch


• FreeBSD SA-01:49 security-patch-telnetd-01.49.tgz
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/packages/SA-01:49/security-patc h-telnetd-01.49.tgz


• FreeBSD SA-01:49 security-patch-telnetd-crypto-01.49.tgz
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/packages/SA-01:49/security-patc h-telnetd-crypto-01.49.tgz

IBM AIX 4.3.2

• IBM IY22029
  

SCO Open Server 5.0.5

• SCO CSSA-2001-SCO.10 libresolv.so.1.Z
  ftp://ftp.sco.com/pub/security/openserver/sr849876/libresolv.so.1.Z


• SCO CSSA-2001-SCO.10 libsocket.so.2.Z
  ftp://ftp.sco.com/pub/security/openserver/sr849876/libsocket.so.2.Z


• SCO CSSA-2001-SCO.10 telnetd.Z
  ftp://ftp.sco.com/pub/security/openserver/sr849876/telnetd.Z

SCO Open Server 5.0.6

• SCO CSSA-2001-SCO.10 libresolv.so.1.Z
  ftp://ftp.sco.com/pub/security/openserver/sr849876/libresolv.so.1.Z


• SCO CSSA-2001-SCO.10 libsocket.so.2.Z
  ftp://ftp.sco.com/pub/security/openserver/sr849876/libsocket.so.2.Z


• SCO CSSA-2001-SCO.10 telnetd.Z
  ftp://ftp.sco.com/pub/security/openserver/sr849876/telnetd.Z

Cisco Catalyst 6000 6.1 (1b)

• Cisco Catalyst Release 6.3(4)
  Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.
  

Cisco Catalyst 5000 6.1 (3)

• Cisco Catalyst Release 6.3(4)
  Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.
  

Cisco Catalyst 6000 6.1 (1a)

• Cisco Catalyst Release 6.3(4)
  Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.
  

Cisco Catalyst 5000 6.1 (1)

• Cisco Catalyst Release 6.3(4)
  Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.
  

Cisco Catalyst 6000 6.1 (1)

• Cisco Catalyst Release 6.3(4)
  Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.
  

Cisco Catalyst 6000 6.2 (0.110)

• Cisco Catalyst Release 6.3(4)
  Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.
  

Cisco Catalyst 6000 6.3 (0.7)PAN

• Cisco Catalyst Release 6.3(4)
  Upgrade for Catalyst 4000, 5000, 6000 Release 6 code base.
  

SGI IRIX 6.5.1

• SGI Maintenance Releases
  Upgrade to the latest Maintenance Release of IRIX 6.5.x here.
  http://support.sgi.com/colls/patches/tools/relstream/index.html

SGI IRIX 6.5.3

• SGI Maintenance Releases
  Upgrade to the latest Maintenance Release of IRIX 6.5.x here.
  http://support.sgi.com/colls/patches/tools/relstream/index.html

SGI IRIX 6.5.4

• SGI Maintenance Releases
  Upgrade to the latest Maintenance Release of IRIX 6.5.x here.
  http://support.sgi.com/colls/patches/tools/relstream/index.html

SGI IRIX 6.5.8

• SGI Maintenance Releases
  Upgrade to the latest Maintenance Release of IRIX 6.5.x here.
  http://support.sgi.com/colls/patches/tools/relstream/index.html

Cisco Catalyst 4000 7.1

• Cisco Catalyst Release 7.1(2)
  Upgrade for Catalyst Release 4000, 6000 Release 7 code base. Will be available on OCC on Feb 4/2002.
  

Cisco Catalyst 6000 7.1

• Cisco Catalyst Release 7.1(2)
  Upgrade for Catalyst Release 4000, 6000 Release 7 code base. Will be available on OCC on Feb 4/2002.